CVE-2008-0457

Symantec Backup Exec System Recovery Manager 7.0/7.0.1 - Unauthenticated RCE via JSP Upload

Title source: llm

Exploitation Summary

EIP tracks 2 public exploits for CVE-2008-0457. PoCs published by titon.

AI-analyzed exploit summary: This HTML form exploits CVE-2008-0457, an arbitrary file upload vulnerability in Symantec Backup Exec System Recovery Manager 7.0. It allows an attacker to upload malicious files to a specified path on the target system via an unauthenticated POST request.

Description

Unrestricted file upload vulnerability in the FileUpload class running on the Symantec LiveState Apache Tomcat server, as used by Symantec Backup Exec System Recovery Manager 7.0 and 7.0.1, allows remote attackers to upload and execute arbitrary JSP files via unknown vectors.

Exploits (2)

exploitdb WORKING POC VERIFIED
by titon · html · remote · windows
https://www.exploit-db.com/exploits/5078

This HTML form exploits CVE-2008-0457, an arbitrary file upload vulnerability in Symantec Backup Exec System Recovery Manager 7.0. It allows an attacker to upload malicious files to a specified path on the target system via an unauthenticated POST request.

Classification: Working PoC (90%)
Attack Type: RCE
Complexity: Trivial
Reliability: Reliable
Target: Symantec Backup Exec System Recovery Manager 7.0
No auth needed
Prerequisites: Network access to the target's port 8443
devstral-2 · analyzed Feb 16, 2026

exploitdb WORKING POC VERIFIED
by titon · html · remote · windows
https://www.exploit-db.com/exploits/31072

This exploit demonstrates an arbitrary file upload vulnerability in Symantec Backup Exec System Recovery Manager 7.0. The vulnerability allows attackers to upload files to any location on the server via the Apache Tomcat server, potentially leading to remote code execution with SYSTEM privileges.

Classification: Working PoC (90%)
Attack Type: RCE
Complexity: Trivial
Reliability: Reliable
Target: Symantec Backup Exec System Recovery Manager 7.0
No auth needed
Prerequisites: Network access to the target server · Apache Tomcat server running on port 8443
devstral-2 · analyzed Feb 16, 2026

References (9)

Core References
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/28787
Vendor Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2008/0413
Exploit, Third Party Advisory exploit x_refsource_exploit-db
https://www.exploit-db.com/exploits/5078
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/487688/100/0/threaded
Exploit vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/27487
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://www.securitytracker.com/id?1019303
Third Party Advisory x_refsource_misc
http://www.zerodayinitiative.com/advisories/ZDI-08-003.html

Scores

EPSS 0.1186
EPSS Percentile 95.6%

Details

CWE: CWE-20
Status: published
Products (2):
symantec/backupexec_system_recovery 7.0
symantec/backupexec_system_recovery 7.01
Published: Feb 07, 2008
Tracked Since: Feb 18, 2026